Re: One tomcat server with different webapps on different ports?
Hello Richard/Friends, I might be wrong, but I guess the best approach would be to use apache httpd or nginx as a reverse proxy and leave tomcat alone Kind Regards, Geraldo Netto Sapere Aude => Non dvcor, dvco http://exdev.sf.net/ On Sun, 25 Nov 2018 at 00:05, wrote: > > Tomcat/9.0.13 > > > I'd like to have my webapps generally on 443, but the manager and > host-manager on some other port, say 444. > > My reason for doing that would be that I could then use linux's iptables > to restrict access to 444 to a few known addresses, but anyone could > access 443. > > I would of course want to use the manager application on 444 to manage > the applications visible on 443. > > Is this possible? > > > Richard > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
One tomcat server with different webapps on different ports?
Tomcat/9.0.13 I'd like to have my webapps generally on 443, but the manager and host-manager on some other port, say 444. My reason for doing that would be that I could then use linux's iptables to restrict access to 444 to a few known addresses, but anyone could access 443. I would of course want to use the manager application on 444 to manage the applications visible on 443. Is this possible? Richard - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: help installing mod_jk on Centos 7 on a Google Cloud server
Here is what I see Loaded Modules: core_module (static) so_module (static) http_module (static) access_compat_module (shared) actions_module (shared) alias_module (shared) allowmethods_module (shared) auth_basic_module (shared) auth_digest_module (shared) authn_anon_module (shared) authn_core_module (shared) authn_dbd_module (shared) authn_dbm_module (shared) authn_file_module (shared) authn_socache_module (shared) authz_core_module (shared) authz_dbd_module (shared) authz_dbm_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_owner_module (shared) authz_user_module (shared) autoindex_module (shared) cache_module (shared) cache_disk_module (shared) data_module (shared) dbd_module (shared) deflate_module (shared) dir_module (shared) dumpio_module (shared) echo_module (shared) env_module (shared) expires_module (shared) ext_filter_module (shared) filter_module (shared) headers_module (shared) include_module (shared) info_module (shared) log_config_module (shared) logio_module (shared) mime_magic_module (shared) mime_module (shared) negotiation_module (shared) remoteip_module (shared) reqtimeout_module (shared) rewrite_module (shared) setenvif_module (shared) slotmem_plain_module (shared) slotmem_shm_module (shared) socache_dbm_module (shared) socache_memcache_module (shared) socache_shmcb_module (shared) status_module (shared) substitute_module (shared) suexec_module (shared) unique_id_module (shared) unixd_module (shared) userdir_module (shared) version_module (shared) vhost_alias_module (shared) dav_module (shared) dav_fs_module (shared) dav_lock_module (shared) lua_module (shared) mpm_prefork_module (shared) proxy_module (shared) lbmethod_bybusyness_module (shared) lbmethod_byrequests_module (shared) lbmethod_bytraffic_module (shared) lbmethod_heartbeat_module (shared) proxy_ajp_module (shared) proxy_balancer_module (shared) proxy_connect_module (shared) proxy_express_module (shared) proxy_fcgi_module (shared) proxy_fdpass_module (shared) proxy_ftp_module (shared) proxy_http_module (shared) proxy_scgi_module (shared) proxy_wstunnel_module (shared) ssl_module (shared) systemd_module (shared) cgi_module (shared) No mod_jk On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Lou, > > On 11/24/18 12:19, Lou Wallace wrote: > > Hi Greg, > > > > I did this and restarted HTTPD. No error but no change. > > > > Not sure how 10-my.conf and my.conf are called, but I did create > > them as described. > > > > Also when I checked configtest > > > > [root@server2 conf]# apachectl configtest Syntax OK > > > > and apachectl -S > > > > [root@server2 conf]# apachectl -S VirtualHost configuration: *:443 > > server2.us-west2-a.c.helpful-kingdom-220815.internal > > (/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main > > DocumentRoot: "/var/www/html" Main ErrorLog: > > "/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex > > authdigest-opaque: using_defaults Mutex proxy-balancer-shm: > > using_defaults Mutex rewrite-map: using_defaults Mutex > > authdigest-client: using_defaults Mutex ssl-stapling: > > using_defaults Mutex proxy: using_defaults Mutex authn-socache: > > using_defaults Mutex ssl-cache: using_defaults Mutex default: > > dir="/run/httpd/" mechanism=default PidFile: > > "/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS Define: > > DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48 Group: > > name="apache" id=48 > > > > Looking forward to your thoughts. > > Try: > > $ apachectl -M > > I get something like this: > > Loaded Modules: > core_module (static) > log_config_module (static) > logio_module (static) > version_module (static) > mpm_prefork_module (static) > http_module (static) > so_module (static) > alias_module (shared) > auth_basic_module (shared) > authn_file_module (shared) > authz_default_module (shared) > authz_groupfile_module (shared) > authz_host_module (shared) > authz_user_module (shared) > autoindex_module (shared) > cgi_module (shared) > deflate_module (shared) > dir_module (shared) > env_module (shared) > headers_module (shared) > include_module (shared) > jk_module (shared) <-- here is mod_jk > mime_module (shared) > negotiation_module (shared) > php5_module (shared) > reqtimeout_module (shared) > rewrite_module (shared) > setenvif_module (shared) > ssl_module (shared) > status_module (shared) > Syntax OK > > If mod_jk isn't loading, obviously none of the module-defined > directives will work. > > - -chris > -BEGIN PGP SIGNATURE- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8 > pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec > jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW >
Re: help installing mod_jk on Centos 7 on a Google Cloud server
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Lou, On 11/24/18 12:19, Lou Wallace wrote: > Hi Greg, > > I did this and restarted HTTPD. No error but no change. > > Not sure how 10-my.conf and my.conf are called, but I did create > them as described. > > Also when I checked configtest > > [root@server2 conf]# apachectl configtest Syntax OK > > and apachectl -S > > [root@server2 conf]# apachectl -S VirtualHost configuration: *:443 > server2.us-west2-a.c.helpful-kingdom-220815.internal > (/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main > DocumentRoot: "/var/www/html" Main ErrorLog: > "/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex > authdigest-opaque: using_defaults Mutex proxy-balancer-shm: > using_defaults Mutex rewrite-map: using_defaults Mutex > authdigest-client: using_defaults Mutex ssl-stapling: > using_defaults Mutex proxy: using_defaults Mutex authn-socache: > using_defaults Mutex ssl-cache: using_defaults Mutex default: > dir="/run/httpd/" mechanism=default PidFile: > "/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS Define: > DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48 Group: > name="apache" id=48 > > Looking forward to your thoughts. Try: $ apachectl -M I get something like this: Loaded Modules: core_module (static) log_config_module (static) logio_module (static) version_module (static) mpm_prefork_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) headers_module (shared) include_module (shared) jk_module (shared) <-- here is mod_jk mime_module (shared) negotiation_module (shared) php5_module (shared) reqtimeout_module (shared) rewrite_module (shared) setenvif_module (shared) ssl_module (shared) status_module (shared) Syntax OK If mod_jk isn't loading, obviously none of the module-defined directives will work. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5wT8ACgkQHPApP6U8 pFgJMA//ex7/qu/RFlla2FiSxRDJeYfwxaGywm1IrtNXL2y0/nkjIyJKLuNkwfec jWQm0ihAXKjBaLks9boK8dVmmEfEibsEDBSRK7LVtLwOd97PQgo6Wv8/itehOAQW 4Q8Vyc3Ov2PmXPTCzxehAyzdO8ltSZ5wFZ7TA6tXQYDzgY3yDxl3PMDl3Th0Byi1 tts6340/Ih4jhPdYoA0W9LXVqIYjEn/tzMgXUazjXE9jRUxP8bslOeMzQjiuLjvt BkwNDqYoTN3INxwljJ9BXVumbk4DehIIx4lw1zuxdzuiLPHYxYsJY+pYLWtAY3i4 Op6ATyoKrBiOjjN6DIFWM0ilsRS0ktM7bdwRlRFCXGTUzfwv2v2qzv6PkRsaUbma bQ9a7+FFMoHGgWQ62VUtByCyyzHsPI1RoRlXwHRNYufMI+1UpV4IxfqA8tbCcwc+ ONzzVti5y16K6mZAH4FDsU/WiFW35hkJLkDrkrvw/z3uCvQjn72etkQFoICUmlEY uxirMQHdM8CKrJ7whqiH/1ihdJXwcOPU20QCAfwEbyE58oN+sJxFWDCbGjfVbOfe l9yQrKzzp1rnNepPyeseCeOQqSKXBeBDahkSEO/WGDu2PYuOYf2vT/BV6cthLMlm WhyNoGDl3P3Hr68i4Zwe3a++cXWfzosHpLQOP5RxggV9QUsvKn8= =gAVW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: 9.0.13 encrypted cluster traffic
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Esther, On 11/24/18 14:48, Esther Montes wrote: > Disculpe pero es q no le entiendo Lo siento si no me entiendes El idioma oficial de esta lista de correo es el inglés. Si lo desea, puede unirse a una lista de correo diferente si desea utilizar el español en su lugar. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5vmMACgkQHPApP6U8 pFgolhAAwGxL9wl/vd4Iv1Gez60QQpgukAx0n+G5Vx1+LrumvXR3Geu96J1Be+m0 wU2YhRxVmq85CDjTcRKrDnih7BP5Lu8Xenk8BljWQRnt4zeuleN40jFyLH88MBXe E52lqmTfZXIP6eA/2csZpz5Ug436JxG20PaCqB4d2/NuNgSM0yyu2p/r+LHPqz8p EFi5x0RKcLcSgLNObM1aauMcBPnIe/i0AaO3L5LV/RGglNXZbTJOtx3WfOrDpkpY 8FH5pGb3UiWw1Q2zT4mgcWqcSzBMTwaNGHtApA47TWiYc18CqOe2Yz4T3QkEBUhW hHKqEKtDxHOZJUTGrnNhuEu8mVbCqd8xjBpsZKjncgMmtZunx8xoka+QLo/DOiXE oMEPRDZ+wAzbw/9OXj3QWgPAI4FGGjCBD2U420HP/9yggxUO+rxX2XYLcRQcM8Kl KlRMM/um/z+ogY/CST3lJ+brL+RIlFZtLKq1hxw7ouBk32yZyGTt5m+WkFMqxeIc aEn4wDKmF3/8PZhI7ByMVlZPnRph8hBqyZHkvZRrbwtnT4AHuBXRm7n9m3y9brj+ 46eT5NOMXju604pF0D+Kg2McHEjT5WEEQViLpNPy7SU0YGNb9YR9EoqA1sSXwFPe EhJo2+SrqQ5geGWFn9dCS1D5S5n9LGczvocumyw6n9s+AXP7G0Y= =fYD7 -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: 9.0.13 encrypted cluster traffic
Disculpe pero es q no le entiendo El sáb., 24 de nov. de 2018 8:13 AM, Christopher Schultz < ch...@christopherschultz.net> escribió: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Tim, > > On 11/23/18 12:55, Christopher Schultz wrote: > > Okay, the problem is that I built the EncryptInterceptor without > > realizing that cluster-messaging isn't single-threaded. It's > > completely non-thread-safe and it needs to be. > > > > There is a simple fix that can be applied (synchronize the encrypt > > and decrypt methods) but it'll create a big bottleneck for you. On > > the other hand, it's easy to apply and test and ensure it's working > > in your environment. Are you willing to grab the Tomcat source and > > compile it? If you get the 9.0.13 source and are able to compile > > it, I can give you a 2-line patch that should fix your issue. > > Alternatively, I can give you a patched catalina-tribes.jar that > > you can just drop-in-replace to try out. > > > > I have a more elaborate patch that I'm going to apply soon and it > > should be available in the next release of Tomcat 9. > > I think this should be fixed, now. If you build from trunk, I think > things will work remarkably better for you. Or, just wait until the > next release (a few weeks maybe). If you *can* build from source, it > would be great to get some real-world mileage on this code before the > next release. > > - -chris > -BEGIN PGP SIGNATURE- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5eJ4ACgkQHPApP6U8 > pFgMQw//Z1BND215m27Lja3sHlJjWDEHdS/snEqtZfbED1ps7C0a/1/P867yS004 > XWdcgRlPLEZub0exaav3J84EGPB+7KTaipPvulIap2pyoXDhd9H2UInqtqRZqR+u > RLzDQoXXErFY5usigR2lVUlNyHjFyBybWV4Wrru/J+VuN9+E9iYe9czXYSKmZNX0 > Kig8NlaQcVdcCazQEQ60bPuLxEUoVW+ggZAwsBJ2hCvWjaBH3naTXZEzhOWu+R4J > /tZ+o1echoWQSH5um7nPeFlNU5wla7zKCSg6zpLLFIzolJjR3Yr9LRP6wBw0Herj > ikKs4fURsF+MDP04JLbJO0qHuV+6Ydz4nbln3mQRtLMNlkBP9dNB8pdQ7kTdntxG > k3Olp2805Gb+9aVdkD805g4fk/4eRTafwRRVaSPtVPvXm0544tjUh7AxpWIyL3k4 > /qPAK84AvY1EacRzvr9pnKZcUGiY5WT6Zn7yPYkVX+OUhFwLgowJEnyhdq1Uy1r6 > rm20H4UWHH+hC1Ae+ErXAVJj7n5+7LHq/2BAtL6qDJjBSiGp4iuO8XHv89EwHC1B > pTV2SkwKNtFoLy7iOOIBgSqp6urYVhZnQNKAXvFZotoEgkKm/GdtsKR3IayAgBUe > 7uLltKHvfKKyYh6KL7BhbntBSILIYbWYVohgdsquIuk+94NFgwc= > =293j > -END PGP SIGNATURE- > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: help installing mod_jk on Centos 7 on a Google Cloud server
Hi Greg,
I did this and restarted HTTPD. No error but no change.
Not sure how 10-my.conf and my.conf are called, but I did create them as
described.
Also when I checked configtest
[root@server2 conf]# apachectl configtest
Syntax OK
and apachectl -S
[root@server2 conf]# apachectl -S
VirtualHost configuration:
*:443 server2.us-west2-a.c.helpful-kingdom-220815.internal
(/etc/httpd/conf.d/ssl.conf:56)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
Looking forward to your thoughts.
Lou
On Thu, Nov 22, 2018 at 3:40 AM Greg Huber wrote:
> -Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
> -/etc/httpd/conf/httpd.conf:
> -Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
> -perhaps misspelled or defined by a module not included in the server
> -configuration
>
> Line 63? possibly have not loaded mod_jk.so ?
>
> To test config use :
> apachectl configtest
>
> List config:
> apachectl -S
>
>
> Don't change httpd.conf if possible.
> From my notes (this always works for me) :
>
> Build mod_jk.so build
> yum install httpd-devel
> download tomcat-connectors-x.x.xx-src.tar.gz
> extract and cd into the native folder
> cd /opt/apache-tomcat/tomcat-connectors-x.x.xx-src/native
> ./configure --with-apxs=/usr/bin/apxs
> make
> copy file ./apache-2.0/mod_jk.so to /etc/httpd/modules
> make clean
> --
> if you create a file /etc/httpd/conf.modules.d/10-my.conf (rather than
> changing /etc/httpd/conf/httpd.conf)
>
> /etc/httpd/conf.modules.d/10-my.conf:
>
> LoadModule jk_module modules/mod_jk.so
>
> --
> if you create a file /etc/httpd/conf.d/my.conf (rather than changing
> /etc/httpd/conf/httpd.conf)
> /etc/httpd/conf.d/my.conf:
>
>
>
> JkWorkersFile "/etc/httpd/conf.d/workers.properties"
> JkLogFile "/etc/httpd/logs/mod_jk.log"
> JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
> JkLogLevel info
> JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
>
>
>
> ServerAdmin m...@www.me.com
> DocumentRoot /var/www/html
> ServerName www.me.com
> ServerAlias me.com
>
>
> Require all denied
>
>
> Require all denied
>
> ...
> JkMount / worker1
> JkMount /* worker1
> ...
>
>
>
>
>
> On Wed, 21 Nov 2018 at 18:41, Lou Wallace wrote:
>
> > Hey Greg,
> >
> > Thanks for the info. I changed both httpd.conf and workers.properties to
> > your settings. Got the same error msg when I restarted httpd.
> >
> > When I checked journalist I get
> >
> > ● httpd.service - The Apache HTTP Server
> >Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled;
> vendor
> > preset: disabled)
> >Active: failed (Result: exit-code) since Wed 2018-11-21 18:32:37 UTC;
> > 3min 51s ago
> > Docs: man:httpd(8)
> >man:apachectl(8)
> > Process: 24340 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited,
> > status=1/FAILURE)
> > Process: 24339 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
> > (code=exited, status=1/FAILURE)
> > Main PID: 24339 (code=exited, status=1/FAILURE)
> > Nov 21 18:32:37 server2 systemd[1]: Starting The Apache HTTP Server...
> > Nov 21 18:32:37 server2 httpd[24339]: AH00526: Syntax error on line 63 of
> > /etc/httpd/conf/httpd.conf:
> > Nov 21 18:32:37 server2 httpd[24339]: Invalid command 'JkWorkersFile',
> > perhaps misspelled or defined by a module not included in the server
> > configuration
> > Nov 21 18:32:37 server2 systemd[1]: httpd.service: main process exited,
> > code=exited, status=1/FAILURE
> > Nov 21 18:32:37 server2 kill[24340]: kill: cannot find process ""
> > Nov 21 18:32:37 server2 systemd[1]: httpd.service: control process
> exited,
> > code=exited status=1
> > Nov 21 18:32:37 server2 systemd[1]: Failed to start The Apache HTTP
> Server.
> > Nov 21 18:32:37 server2 systemd[1]: Unit httpd.service entered failed
> > state.
> > Nov 21 18:32:37 server2 systemd[1]: httpd.service failed.
> >
> >
> >
> > On Wed, Nov 21, 2018 at 11:31 AM Greg Huber wrote:
> >
> > > For my centos/mod._jk I use :
> > >
> > > /etc/httpd/conf.d/my.conf :
> > >
> > > ...
> > > JkWorkersFile "/etc/httpd/conf.d/workers.properties"
> > > JkLogFile "/etc/httpd/logs/mod_jk.log"
> > > JkShmFile "/etc/httpd/logs/jk-runtime-status.log"
> > > JkLogLevel info
> > > JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
> > >
> > > JkMount / worker1
> > > JkMount /* worker1
> > >
> > >
> > > workers.properties :
> > > # Define 1 real
Re: Connection pool and parallel deployment problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Gilles, On 11/23/18 05:07, Gilles SCHLIENGER wrote: > Thanks Mark for your answer > > Here is what I found in case someone has the same problem. > > When you use parallel deployment, you should not use a connexion > pool in the context.xml file Why not? > Once the connexions are opened, they stay opened until Tomcat > shuts down, whatever configuration you try. I would expect that any connection pool created for a context (or instance of a context, when parallel deployments are being done) would be shut-down when the application is undeployed. Are you actually undeploying the old context? It doesn't happen automatically IIRC. > So everytime you deploy a new version of your webapp, new > connexions are being opened. This is expected. How could it work, otherwise? > So we will configure our connexion pools directly in our Spring > webapp. This way, the connexions are closed when the webapp is > undeployed. That's one way to solve the issue, but not the only way. > The warning/error messages are not actually linked to the > connexions not closed. To ovoid these messages, you can: - move the > jars (connexion pool, drivers...) into TOMCAT/lib - Have a > ServletContextListener that calls > AbandonedConnectionCleanupThread.checkedShutdown(); The Connector/J devs haven't been able to understand how ClassLoaders work, and have never really fixed that long-standing bug in a satisfying way as far as I know. But you should always use a ServletContextListener to attempt to shut-down the AbadonedConnectionCleanuopThread. BTW that thread does not work as documented. It's claimed that it doesn't start unless you issue a query with a timeout, but it always starts whether or not you use queries with timeouts. It's frustrating. - -chris > -Message d'origine- De : Mark Thomas > [mailto:ma...@apache.org] Envoyé : mercredi 21 novembre 2018 14:18 > À : Tomcat Users List; Gilles SCHLIENGER Objet : Re: Connection > pool and parallel deployment problem > > On 21/11/2018 11:00, Gilles SCHLIENGER wrote: >> Hi all, >> >> We are using Tomcat 9 and parallel deployment. >> >> I use a connection pool defined in the xml context (myApp##1.xml, >> myApp##2.xml in my exemple) >> >> I have the following problem : - I have myApp##1.war deployed >> using a connection pool (configured in myApp##1.xml) - I deploy >> myApp##2.war (using a connection pool defined in myApp##2.xml) - >> when the last session in myApp##1 expires, myApp##1 is >> automatically undeployed (I have undeployOldVersions="true" in >> server.xml for the Host) but the connections opened by myApp##1 >> are not closed. >> >> I used the Tomcat configuration from the example in : >> https://tomcat.apache.org/tomcat-9.0-doc/jndi-datasource-examples-how to.html#Database_Connection_Pool_(DBCP_2)_Configurations >> >> >> > maxTotal="100" maxIdle="30" maxWaitMillis="1" >> destroy-method="close" username="postgres" password="password" >> driverClassName="org.postgresql.Driver" >> url="jdbc:postgresql://localhost:5432/postgres?stringtype=unspecified "/> >> >> >> During undeploy, I get the following messages : >> >> 21-Nov-2018 11:42:54.795 AVERTISSEMENT >> [ContainerBackgroundProcessor[StandardEngine[Catalina]]] >> org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesJdbc >> The web application [myApp##1] registered the JDBC driver >> [org.postgresql.Driver] but failed to unregister it when the web >> application was stopped. To prevent a memory leak, the JDBC >> Driver has been forcibly unregistered. > > That is a warning you should be able to fix by unregistering the > JDBC driver in a ServletContextListener. > >> 21-Nov-2018 11:42:54.800 AVERTISSEMENT >> [ContainerBackgroundProcessor[StandardEngine[Catalina]]] >> org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThrea ds >> The web application [myApp##1] appears to have started a thread >> named [Abandoned connection cleanup thread] but has failed to >> stop it. This is very likely to create a memory leak. Stack trace >> of thread: java.base@10.0.1/java.lang.Object.wait(Native Method) >> java.base@10.0.1/java.lang.ref.ReferenceQueue.remove(ReferenceQueue.j ava:151) >> >> com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionC leanupThread.java:64) >> java.base@10.0.1/java.util.concurrent.ThreadPoolExecutor.runWorker(Th readPoolExecutor.java:1135) >> >> java.base@10.0.1/java.util.concurrent.ThreadPoolExecutor$Worker.run(Thre adPoolExecutor.java:635) >> java.base@10.0.1/java.lang.Thread.run(Thread.java:844) > > That is a thread started by the MySQL driver. There should be an > API provided by the MySQL driver that you can call to stop the > thread (again in a ServletContextListener) although I'd expect that > to happen automatically as part of unloading the driver. > > If there is no way to stop the thread then that would be a bug in > the MySQL driver. > > Mark > >
Re: 9.0.13 encrypted cluster traffic
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Tim, On 11/23/18 12:55, Christopher Schultz wrote: > Okay, the problem is that I built the EncryptInterceptor without > realizing that cluster-messaging isn't single-threaded. It's > completely non-thread-safe and it needs to be. > > There is a simple fix that can be applied (synchronize the encrypt > and decrypt methods) but it'll create a big bottleneck for you. On > the other hand, it's easy to apply and test and ensure it's working > in your environment. Are you willing to grab the Tomcat source and > compile it? If you get the 9.0.13 source and are able to compile > it, I can give you a 2-line patch that should fix your issue. > Alternatively, I can give you a patched catalina-tribes.jar that > you can just drop-in-replace to try out. > > I have a more elaborate patch that I'm going to apply soon and it > should be available in the next release of Tomcat 9. I think this should be fixed, now. If you build from trunk, I think things will work remarkably better for you. Or, just wait until the next release (a few weeks maybe). If you *can* build from source, it would be great to get some real-world mileage on this code before the next release. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv5eJ4ACgkQHPApP6U8 pFgMQw//Z1BND215m27Lja3sHlJjWDEHdS/snEqtZfbED1ps7C0a/1/P867yS004 XWdcgRlPLEZub0exaav3J84EGPB+7KTaipPvulIap2pyoXDhd9H2UInqtqRZqR+u RLzDQoXXErFY5usigR2lVUlNyHjFyBybWV4Wrru/J+VuN9+E9iYe9czXYSKmZNX0 Kig8NlaQcVdcCazQEQ60bPuLxEUoVW+ggZAwsBJ2hCvWjaBH3naTXZEzhOWu+R4J /tZ+o1echoWQSH5um7nPeFlNU5wla7zKCSg6zpLLFIzolJjR3Yr9LRP6wBw0Herj ikKs4fURsF+MDP04JLbJO0qHuV+6Ydz4nbln3mQRtLMNlkBP9dNB8pdQ7kTdntxG k3Olp2805Gb+9aVdkD805g4fk/4eRTafwRRVaSPtVPvXm0544tjUh7AxpWIyL3k4 /qPAK84AvY1EacRzvr9pnKZcUGiY5WT6Zn7yPYkVX+OUhFwLgowJEnyhdq1Uy1r6 rm20H4UWHH+hC1Ae+ErXAVJj7n5+7LHq/2BAtL6qDJjBSiGp4iuO8XHv89EwHC1B pTV2SkwKNtFoLy7iOOIBgSqp6urYVhZnQNKAXvFZotoEgkKm/GdtsKR3IayAgBUe 7uLltKHvfKKyYh6KL7BhbntBSILIYbWYVohgdsquIuk+94NFgwc= =293j -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Translations update
Le vendredi 23 novembre 2018 à 23:51 +0100, Rémy Maucherat a écrit : > On Wed, Nov 21, 2018 at 10:58 AM Mark Thomas > wrote: > > > - French has increased from 18% to 64% coverage > > > > Done (well, close enough, a few tribes/ha remain) ! A single translation remains to be performed. Jump to https://poeditor.com/join/project/NUTIjDWzrl and be the one to complete the French translation. ;-) Ludovic - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Translations update
On Sat, Nov 24, 2018 at 12:01 AM Mark Thomas wrote: > On 23/11/2018 22:51, Rémy Maucherat wrote: > > On Wed, Nov 21, 2018 at 10:58 AM Mark Thomas wrote: > > > >> - French has increased from 18% to 64% coverage > >> > > > > Done (well, close enough, a few tribes/ha remain) ! > > > > Or rather, the initial work is done, gradual proofreading, rewording and > > harmonizing would be needed. But it's not too bad as search and replace > is > > easier than initial translation (IMO). > > > > And the source English strings are not exempt from that either, for > example: > > - many strings have big WARNING at first: it should be removed as it > > duplicates the log level of the logger > > - similar: message location info, like the thing occurred in FooBarClass, > > which well, is probably going to be the log category > Explanation for Jasper: it uses the ServletContext "logger" (I had forgotten), and it only has a generic log method which logs either as info or error. However the "WARN" should probably not be i18n-ed to be able to be further processed if needed and it shouldn't be part of the String, it should be "WARN: " + i18n. > > - debug with lots of random variables like in Tribes/HA, this shouldn't > > have i18n > > - some random digressions, IMO it should be kept to the point and avoid > > many sentences > > > > Is it possible to edit English directly in POEditor, or should it be done > > in svn/git ? > > We can edit the English directly. We just need to be careful about > keeping POEditor and svn in sync. > > Let me check how in sync they are at the moment for English... > > Look to be 100% in sync so edit away in POEditor if that is easier. > Worth mentioning your plans on dev@ in case anyone is thinking of > updating the terms and/or English values. > Ok, nice. Rémy
